Download:
|
by Yair Amir, Damian Hasse, Yongdae Kim, Cristina Nita-rotaru, Theo Schlossnagle, John Schultz, Jonathan Stanton
http://www.isi.edu/~gts/paps/aahknssst99.ps.gz
Add To MetaCart
Abstract:
Increasing popularity and diversity of collaborative applications prompts the need for highly secure and reliable communication platforms for dynamic peer groups. Security mechanisms for such groups tend to be both expensive and complex and their integration with reliable group communication services presents a formidable challenge. This paper discusses some important integration issues, reports on the implementation experience and provides experimental results. Our approach utilizes distributed group key management developed by the Cliques project. We enhance it to handle processor and network faults (under a fail-stop or crash-and-recover model) and asynchronous membership events (such as cascading joins, leaves, merges and network partitions). Our approach leverages the strong properties provided by the Spread group communication system, such as message ordering, clean failure semantics and a membership service. The result of this work is a secure group communications layer and an API which provide the application programmer both standard group services as well as flexible security services.
Citations
|
1952
|
New Directions in Cryptography
– Diffie, Hellman
- 1976
|
|
1666
|
Handbook of Applied Cryptography
– Menezes, Oorschot, et al.
- 1997
|
|
597
|
Kerberos: An Authentication Service for Open Network Systems
– Steiner, Neuman, et al.
- 1988
|
|
357
|
Transis: A Communication Sub-System for High Availability
– AMIR, DOLEV, et al.
- 1992
|
|
315
|
Renesse. Reliable Distributed Computing with the Isis Toolkit
– Birman, van
- 1994
|
|
289
|
Exploiting virtual synchrony in distributed systems
– Birman, Joseph
- 1987
|
|
201
|
Extended Virtual Synchrony
– Moser, Amir, et al.
- 1994
|
|
194
|
A High Performance Totally Ordered Multicast Protocol
– Whetten, Montgomery, et al.
- 1994
|
|
160
|
The Totem single-ring ordering and membership protocol
– Amir, Moser, et al.
- 1995
|
|
129
|
The SecureRing Protocols for Securing Group Communication
– Kihlstrom, Moser, et al.
- 1998
|
|
126
|
Diffie-Hellman key distribution extended to group communication
– Steiner, Tsudik, et al.
- 1996
|
|
112
|
The spread wide area group communication system
– Amir, Stanton
- 1998
|
|
103
|
CLIQUES: A New Approach to Group key Agreement
– Steiner, Tsudik, et al.
- 1998
|
|
97
|
New multi-party authentication services and key agreement protocols
– Ateniese, Steiner, et al.
- 2000
|
|
96
|
HMAC: Keyed-Hashing for Message Authentication", RFC 2104
– Krawczyk, Bellare, et al.
- 1997
|
|
86
|
Replication Using Group Communication Over a Partitioned Network
– Amir
- 1995
|
|
70
|
Internet Privacy Enhanced Mail
– Kent
- 1993
|
|
66
|
Horus: A flexible group communication system
– Renesse, Birman, et al.
- 1996
|
|
44
|
Scalable group membership services for novel applications
– Anker, Chockler, et al.
- 1998
|
|
42
|
The Blowfish Encryption Algorithm
– Schneier
- 1994
|
|
42
|
Specifying and using a partionable group communication service
– Fekete, Lynch, et al.
- 1997
|
|
34
|
Group key management protocol (gkmp) specification
– Harney, Muckenhirn
- 1997
|
|
34
|
Ensemble Security
– Rodeh, Birman, et al.
- 1998
|
|
29
|
Providing Support for Survivable CORBA Applications with the Immune System
– Narasimhan, Kihlstrom, et al.
- 1999
|
|
21
|
The design of a group key agreement API
– Ateniese, Chevassut, et al.
- 1999
|
|
6
|
The Official PGP User's Guide. prz@acm.org
– Zimmerman
- 1994
|
